VAR-201908-1958
Vulnerability from variot - Updated: 2025-12-22 22:47The Bluetooth BR/EDR specification up to and including version 5.1 permits sufficiently low encryption key length and does not prevent an attacker from influencing the key length negotiation. This allows practical brute-force attacks (aka "KNOB") that can decrypt traffic and inject arbitrary ciphertext without the victim noticing. Bluetooth BR/EDR The entropy negotiation of the encryption key used for encryption on the connection has a problem that is vulnerable to man-in-the-middle attacks by design. A third party Bluetooth BR/EDR The entropy of the encryption key used for communication 1 Force byte (Key Negotiation Of Bluetooth (KNOB) attack) Brute force attacks on subsequent communications (Brute force attack) May be able to decrypt and intercept the contents. Bluetooth Is Bluetooth Basic Rate / Enhanced Data Rate (Bluetooth BR/EDR) Includes core configuration 6 A short-range wireless technology based on different core specifications and used for low-power short-range communications. Bluetooth To establish encrypted communication for 2 Horn Bluetooth You need to establish a link key that the device will pair and use to generate the encryption key used for encryption at the link layer. The entropy of the encryption key is 1 From bytes 16 In bytes length Bluetooth Set between controllers. When an attacker interrupts the encryption key entropy setting request between controllers and each controller accepts a low entropy setting, encrypted communication with low entropy is forced, resulting in a brute force attack (Brute force attack) Because of this, communication between devices may be easily decrypted.Man-in-the-middle attacks (man-in-the-middle attack) There is a possibility of eavesdropping on encrypted communication by. An encryption issue vulnerability exists in Bluetooth BR/EDR 5.1 and earlier versions. The vulnerability stems from incorrect use of relevant cryptographic algorithms by network systems or products, resulting in improperly encrypted content, weak encryption, and storing sensitive information in plain text. The attack must be performed during negotiation or renegotiation of a paired device connection; existing sessions cannot be attacked. This advisory will be updated as additional information becomes available. There are no workarounds that address this vulnerability.
This advisory is available at the following link: tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190813-bluetooth. 8.0) - aarch64, noarch, ppc64le, s390x, x86_64
Bug Fix(es):
-
Backport TCP follow-up for small buffers (BZ#1739184)
-
TCP performance regression after CVE-2019-11478 bug fix (BZ#1743170)
-
RHEL8.0 - bnx2x link down, caused by transmit timeouts during load test (Marvell/Cavium/QLogic) (L3:) (BZ#1743548)
-
block: blk-mq improvement (BZ#1780567)
-
RHEL8.0 - Regression to RHEL7.6 by changing force_latency found during RHEL8.0 validation for SAP HANA on POWER (BZ#1781111)
-
blk-mq: overwirte performance drops on real MQ device (BZ#1782183)
-
RHEL8: creating vport takes lot of memory i.e 2GB per vport which leads to drain out system memory quickly. (BZ#1782705)
-
8) - x86_64
-
Description:
The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.
Security Fix(es):
-
kernel: nfs: use-after-free in svc_process_common() (CVE-2018-16884)
-
Kernel: vhost_net: infinite loop while receiving packets leads to DoS (CVE-2019-3900)
-
Kernel: page cache side channel attacks (CVE-2019-5489)
-
hardware: bluetooth: BR/EDR encryption key negotiation attacks (KNOB) (CVE-2019-9506)
-
kernel: Heap overflow in mwifiex_uap_parse_tail_ies function in drivers/net/wireless/marvell/mwifiex/ie.c (CVE-2019-10126)
-
Kernel: KVM: OOB memory access via mmio ring buffer (CVE-2019-14821)
-
kernel: Information Disclosure in crypto_report_one in crypto/crypto_user.c (CVE-2018-19854)
-
kernel: usb: missing size check in the __usb_get_extra_descriptor() leading to DoS (CVE-2018-20169)
-
kernel: Heap address information leak while using L2CAP_GET_CONF_OPT (CVE-2019-3459)
-
kernel: Heap address information leak while using L2CAP_PARSE_CONF_RSP (CVE-2019-3460)
-
kernel: SCTP socket buffer memory leak leading to denial of service (CVE-2019-3874)
-
kernel: denial of service vector through vfio DMA mappings (CVE-2019-3882)
-
kernel: null-pointer dereference in hci_uart_set_flow_control (CVE-2019-10207)
-
kernel: fix race condition between mmget_not_zero()/get_task_mm() and core dumping (CVE-2019-11599)
-
kernel: fs/ext4/extents.c leads to information disclosure (CVE-2019-11833)
-
kernel: sensitive information disclosure from kernel stack memory via HIDPCONNADD command (CVE-2019-11884)
-
kernel: use-after-free in arch/x86/lib/insn-eval.c (CVE-2019-13233)
-
kernel: memory leak in register_queue_kobjects() in net/core/net-sysfs.c leads to denial of service (CVE-2019-15916)
-
kernel: oob memory read in hso_probe in drivers/net/usb/hso.c (CVE-2018-19985)
-
Kernel: KVM: leak of uninitialized stack contents to guest (CVE-2019-7222)
-
Kernel: net: weak IP ID generation leads to remote device tracking (CVE-2019-10638)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bugs fixed (https://bugzilla.redhat.com/):
1656986 - CVE-2018-19854 kernel: Information Disclosure in crypto_report_one in crypto/crypto_user.c 1660375 - CVE-2018-16884 kernel: nfs: use-after-free in svc_process_common() 1660385 - CVE-2018-20169 kernel: usb: missing size check in the __usb_get_extra_descriptor() leading to DoS 1663176 - CVE-2019-3459 kernel: Heap address information leak while using L2CAP_GET_CONF_OPT 1663179 - CVE-2019-3460 kernel: Heap address information leak while using L2CAP_PARSE_CONF_RSP 1664110 - CVE-2019-5489 Kernel: page cache side channel attacks 1666106 - CVE-2018-19985 kernel: oob memory read in hso_probe in drivers/net/usb/hso.c 1671930 - CVE-2019-7222 Kernel: KVM: leak of uninitialized stack contents to guest 1678887 - RT: update RT source tree to the RHEL-8.1 tree 1686373 - CVE-2019-3874 kernel: SCTP socket buffer memory leak leading to denial of service 1689426 - CVE-2019-3882 kernel: denial of service vector through vfio DMA mappings 1698757 - CVE-2019-3900 Kernel: vhost_net: infinite loop while receiving packets leads to DoS 1700666 - Make kernel-rt require rt-setup 1705937 - CVE-2019-11599 kernel: fix race condition between mmget_not_zero()/get_task_mm() and core dumping 1709837 - CVE-2019-11884 kernel: sensitive information disclosure from kernel stack memory via HIDPCONNADD command 1712072 - CVE-2019-11833 kernel: fs/ext4/extents.c leads to information disclosure 1716992 - CVE-2019-10126 kernel: Heap overflow in mwifiex_uap_parse_tail_ies function in drivers/net/wireless/marvell/mwifiex/ie.c 1724657 - BUG: scheduling while atomic in zswap 1727756 - CVE-2019-13233 kernel: use-after-free in arch/x86/lib/insn-eval.c 1727857 - CVE-2019-9506 hardware: bluetooth: BR/EDR encryption key negotiation attacks (KNOB) 1728765 - BUG: scheduling while atomic: rcuc/13/134/0x00000002 1729931 - CVE-2019-10638 Kernel: net: weak IP ID generation leads to remote device tracking 1733472 - BUG: scheduling while atomic: rcuc/1/24/0x00000002 1733874 - CVE-2019-10207 kernel: null-pointer dereference in hci_uart_set_flow_control 1743931 - BUG: unable to handle kernel NULL pointer dereference at 0000000000000020 1745646 - [RT] sched/fair: Robustify CFS-bandwidth timer locking 1746708 - CVE-2019-14821 Kernel: KVM: OOB memory access via mmio ring buffer 1750813 - CVE-2019-15916 kernel: memory leak in register_queue_kobjects() in net/core/net-sysfs.c leads to denial of service
Bug Fix(es):
-
port show-kabi to python3 (BZ#1806924)
-
7.6) - ppc64le, x86_64
-
Description:
This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Solution:
Before applying this update, make sure all previously released errata relevant to your system have been applied.
Bug Fix(es):
-
kernel build: parallelize redhat/mod-sign.sh (BZ#1755326)
-
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
APPLE-SA-2019-8-13-1 Additional information for APPLE-SA-2019-7-22-2 macOS Mojave 10.14.6, Security Update 2019-004 High Sierra, Security Update 2019-004 Sierra
macOS Mojave 10.14.6, Security Update 2019-004 High Sierra, Security Update 2019-004 Sierra address the following:
AppleGraphicsControl Available for: macOS Mojave 10.14.5 Impact: An application may be able to read restricted memory Description: A validation issue was addressed with improved input sanitization. CVE-2019-8693: Arash Tohidi of Solita
autofs Available for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6, macOS Mojave 10.14.5 Impact: Extracting a zip file containing a symbolic link to an endpoint in an NFS mount that is attacker controlled may bypass Gatekeeper Description: This was addressed with additional checks by Gatekeeper on files mounted through a network share. CVE-2019-8656: Filippo Cavallarin
Bluetooth Available for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6, macOS Mojave 10.14.5 Impact: A remote attacker may be able to cause arbitrary code execution Description: A memory corruption issue was addressed with improved input validation. CVE-2018-19860
Bluetooth Available for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6, macOS Mojave 10.14.5 Impact: An attacker in a privileged network position may be able to intercept Bluetooth traffic (Key Negotiation of Bluetooth - KNOB) Description: An input validation issue existed in Bluetooth. This issue was addressed with improved input validation. CVE-2019-9506: Daniele Antonioli of SUTD, Singapore, Dr. Nils Ole Tippenhauer of CISPA, Germany, and Prof. Kasper Rasmussen of University of Oxford, England Entry added August 13, 2019
Carbon Core Available for: macOS Mojave 10.14.5 Impact: A remote attacker may be able to cause arbitrary code execution Description: A use after free issue was addressed with improved memory management. CVE-2019-8661: Natalie Silvanovich of Google Project Zero
Core Data Available for: macOS Mojave 10.14.5 Impact: A remote attacker may be able to leak memory Description: An out-of-bounds read was addressed with improved input validation. CVE-2019-8646: Natalie Silvanovich of Google Project Zero
Core Data Available for: macOS Mojave 10.14.5 Impact: A remote attacker may be able to cause unexpected application termination or arbitrary code execution Description: A memory corruption issue was addressed with improved input validation. CVE-2019-8660: Samuel Groß and Natalie Silvanovich of Google Project Zero
Disk Management Available for: macOS Mojave 10.14.5 Impact: An application may be able to execute arbitrary code with system privileges Description: A memory corruption issue was addressed with improved memory handling. CVE-2019-8697: ccpwd working with Trend Micro's Zero Day Initiative
FaceTime Available for: macOS Mojave 10.14.5 Impact: A remote attacker may be able to cause arbitrary code execution Description: A memory corruption issue was addressed with improved input validation. CVE-2019-8648: Tao Huang and Tielei Wang of Team Pangu
Found in Apps Available for: macOS Mojave 10.14.5 Impact: A remote attacker may be able to leak memory Description: This issue was addressed with improved checks. CVE-2019-8663: Natalie Silvanovich of Google Project Zero
Foundation Available for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6, macOS Mojave 10.14.5 Impact: A remote attacker may be able to cause unexpected application termination or arbitrary code execution Description: An out-of-bounds read was addressed with improved input validation. CVE-2019-8641: Samuel Groß and Natalie Silvanovich of Google Project Zero
Grapher Available for: macOS Mojave 10.14.5 Impact: An application may be able to execute arbitrary code with system privileges Description: A memory corruption issue was addressed with improved memory handling. CVE-2019-8695: riusksk of VulWar Corp working with Trend Micro's Zero Day Initiative
Graphics Drivers Available for: macOS High Sierra 10.13.6, macOS Mojave 10.14.5 Impact: An application may be able to read restricted memory Description: A validation issue was addressed with improved input sanitization. CVE-2019-8691: Aleksandr Tarasikov (@astarasikov), Arash Tohidi of Solita, Lilang Wu and Moony Li of Trend Micro's Mobile Security Research Team working with Trend Micro's Zero Day Initiative CVE-2019-8692: Lilang Wu and Moony Li of Trend Micro Mobile Security Research Team working with Trend Micro's Zero Day Initiative
Heimdal Available for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6, macOS Mojave 10.14.5 Impact: An issue existed in Samba that may allow attackers to perform unauthorized actions by intercepting communications between services Description: This issue was addressed with improved checks to prevent unauthorized actions. CVE-2018-16860: Isaac Boukris and Andrew Bartlett of the Samba Team and Catalyst
IOAcceleratorFamily Available for: macOS Mojave 10.14.5 Impact: An application may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed with improved memory handling. CVE-2019-8694: Arash Tohidi of Solita
libxslt Available for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6, macOS Mojave 10.14.5 Impact: A remote attacker may be able to view sensitive information Description: A stack overflow was addressed with improved input validation. CVE-2019-13118: found by OSS-Fuzz
Quick Look Available for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6, macOS Mojave 10.14.5 Impact: An attacker may be able to trigger a use-after-free in an application deserializing an untrusted NSDictionary Description: This issue was addressed with improved checks. CVE-2019-8662: Natalie Silvanovich and Samuel Groß of Google Project Zero
Security Available for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6 Impact: An application may be able to execute arbitrary code with system privileges Description: A memory corruption issue was addressed with improved memory handling. CVE-2019-8697: ccpwd working with Trend Micro's Zero Day Initiative
Siri Available for: macOS Mojave 10.14.5 Impact: A remote attacker may be able to leak memory Description: An out-of-bounds read was addressed with improved input validation. CVE-2019-8646: Natalie Silvanovich of Google Project Zero
Time Machine Available for: macOS Mojave 10.14.5 Impact: The encryption status of a Time Machine backup may be incorrect Description: An inconsistent user interface issue was addressed with improved state management. CVE-2019-8667: Roland Kletzing of cyber:con GmbH
UIFoundation Available for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6, macOS Mojave 10.14.5 Impact: Parsing a maliciously crafted office document may lead to an unexpected application termination or arbitrary code execution Description: An out-of-bounds read was addressed with improved input validation. CVE-2019-8657: riusksk of VulWar Corp working with Trend Micro's Zero Day Initiative
Additional recognition
Classroom We would like to acknowledge Jeff Johnson of underpassapp.com for their assistance.
Game Center We would like to acknowledge Min (Spark) Zheng and Xiaolong Bai of Alibaba Inc. for their assistance.
Installation note:
macOS Mojave 10.14.6, Security Update 2019-004 High Sierra, Security Update 2019-004 Sierra may be obtained from the Mac App Store or Apple's Software Downloads web site: https://support.apple.com/downloads/
Information will also be posted to the Apple Security Updates web site: https://support.apple.com/kb/HT201222
This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE-----
iQJdBAEBCABHFiEEDNXJVNCJJEAVmJdZeC9tht7TK3EFAl1S688pHHByb2R1Y3Qt c2VjdXJpdHktbm9yZXBseUBsaXN0cy5hcHBsZS5jb20ACgkQeC9tht7TK3Hiog/+ PcWPEhxDpnU1ctoVPhyoqkV1tUs8z3hdNyX/tPtQZIQVFB7No1Md0GX8Zrv2libb LwrbU25ewe82XE9Es6ngxTdkRaREn8+hm9gxYPCMDXyKRlv904Q1b4zthYUt7/NO 7RG6ZRHEINOQORzrDsmgT/X6TukIy73HNob+4xZJTdJe9ZU3/zDCaqUgyUJSodou vsVFR3oqkwbVby4eT9+YbxJWMvVoFfB1+Qqo1w9kN7WXcYK3gb7sGtnNQlrE70kR pLRogcmwTQsi+sTm8bxQsuXXjdtTHeeCf0FRJg8NY5wZmdV9lNOghtmNxfTwIuir VeWusIgZWaK7IbgHW3PRYv3Sbrk40zcOraDsPv2rdgjOj4ReVyKHw5/f5Fyhcn+v WnIC4iNIBurz0HZU91QqD58Sqp+HtWl8xkM3ZW+Kd9LjnLty3fNw6Au5Aw8DTHzN 5F+lz7JRVV3+j7AYELog3WV6mdzMKW85gJRJtwXJ8hHSYZnvat06faFlPcDiKjBW rW7BehRykZpmZtaSZjL25IeOuXJHHdRfvabuTZ3nk47SSn7EJJ3xFBnvw6TgVFX+ TvmcUg5FinTSR81NkIY0ux6x1kuV/4vIUGZ4O0Houf/FoUhMQvig9ZkSw2B+Ynbd Xl3qBT4SVPWQyFAvjHwjCZA+GpNsnEKgZm8SlYVgqog= =tCwo -----END PGP SIGNATURE----- .
Bug Fix(es):
-
kernel-rt: update to the RHEL7.7.z batch#2 source tree (BZ#1748570)
-
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
===================================================================== Red Hat Security Advisory
Synopsis: Important: kernel security and bug fix update Advisory ID: RHSA-2019:3187-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2019:3187 Issue date: 2019-10-23 CVE Names: CVE-2019-9506 =====================================================================
- Summary:
An update for kernel is now available for Red Hat Enterprise Linux 7.4 Advanced Update Support, Red Hat Enterprise Linux 7.4 Telco Extended Update Support, and Red Hat Enterprise Linux 7.4 Update Services for SAP Solutions.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
- Relevant releases/architectures:
Red Hat Enterprise Linux Server AUS (v. 7.4) - noarch, x86_64 Red Hat Enterprise Linux Server E4S (v. 7.4) - noarch, ppc64le, x86_64 Red Hat Enterprise Linux Server Optional AUS (v. 7.4) - x86_64 Red Hat Enterprise Linux Server Optional E4S (v. 7.4) - ppc64le, x86_64 Red Hat Enterprise Linux Server Optional TUS (v. 7.4) - x86_64 Red Hat Enterprise Linux Server TUS (v. 7.4) - noarch, x86_64
- Description:
The kernel packages contain the Linux kernel, the core of any Linux operating system.
Security Fix(es):
- hardware: bluetooth: BR/EDR encryption key negotiation attacks (KNOB) (CVE-2019-9506)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Bug Fix(es):
-
Fix possible Spectre-v1 bugs in wireless code (BZ#1706696)
-
powerpc/pseries: Disable CPU hotplug across migrations / powerpc/rtas: Fix a potential race between CPU-Offline & Migration (LPM) (BZ#1745436)
-
powerpc/pseries: Fix unitialized timer reset on migration / powerpc/pseries/mobility: Extend start/stop topology update scope (LPM) (BZ#1745438)
-
ISST-LTE:PVM:Zeppelin :LPM: Failure logs and stack trace seen during LPM (POWER9/P9) (BZ#1745446)
-
Solution:
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.
- Package List:
Red Hat Enterprise Linux Server AUS (v. 7.4):
Source: kernel-3.10.0-693.60.1.el7.src.rpm
noarch: kernel-abi-whitelists-3.10.0-693.60.1.el7.noarch.rpm kernel-doc-3.10.0-693.60.1.el7.noarch.rpm
x86_64: kernel-3.10.0-693.60.1.el7.x86_64.rpm kernel-debug-3.10.0-693.60.1.el7.x86_64.rpm kernel-debug-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm kernel-debug-devel-3.10.0-693.60.1.el7.x86_64.rpm kernel-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-693.60.1.el7.x86_64.rpm kernel-devel-3.10.0-693.60.1.el7.x86_64.rpm kernel-headers-3.10.0-693.60.1.el7.x86_64.rpm kernel-tools-3.10.0-693.60.1.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm kernel-tools-libs-3.10.0-693.60.1.el7.x86_64.rpm perf-3.10.0-693.60.1.el7.x86_64.rpm perf-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm python-perf-3.10.0-693.60.1.el7.x86_64.rpm python-perf-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm
Red Hat Enterprise Linux Server E4S (v. 7.4):
Source: kernel-3.10.0-693.60.1.el7.src.rpm
noarch: kernel-abi-whitelists-3.10.0-693.60.1.el7.noarch.rpm kernel-doc-3.10.0-693.60.1.el7.noarch.rpm
ppc64le: kernel-3.10.0-693.60.1.el7.ppc64le.rpm kernel-bootwrapper-3.10.0-693.60.1.el7.ppc64le.rpm kernel-debug-3.10.0-693.60.1.el7.ppc64le.rpm kernel-debug-debuginfo-3.10.0-693.60.1.el7.ppc64le.rpm kernel-debuginfo-3.10.0-693.60.1.el7.ppc64le.rpm kernel-debuginfo-common-ppc64le-3.10.0-693.60.1.el7.ppc64le.rpm kernel-devel-3.10.0-693.60.1.el7.ppc64le.rpm kernel-headers-3.10.0-693.60.1.el7.ppc64le.rpm kernel-tools-3.10.0-693.60.1.el7.ppc64le.rpm kernel-tools-debuginfo-3.10.0-693.60.1.el7.ppc64le.rpm kernel-tools-libs-3.10.0-693.60.1.el7.ppc64le.rpm perf-3.10.0-693.60.1.el7.ppc64le.rpm perf-debuginfo-3.10.0-693.60.1.el7.ppc64le.rpm python-perf-3.10.0-693.60.1.el7.ppc64le.rpm python-perf-debuginfo-3.10.0-693.60.1.el7.ppc64le.rpm
x86_64: kernel-3.10.0-693.60.1.el7.x86_64.rpm kernel-debug-3.10.0-693.60.1.el7.x86_64.rpm kernel-debug-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm kernel-debug-devel-3.10.0-693.60.1.el7.x86_64.rpm kernel-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-693.60.1.el7.x86_64.rpm kernel-devel-3.10.0-693.60.1.el7.x86_64.rpm kernel-headers-3.10.0-693.60.1.el7.x86_64.rpm kernel-tools-3.10.0-693.60.1.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm kernel-tools-libs-3.10.0-693.60.1.el7.x86_64.rpm perf-3.10.0-693.60.1.el7.x86_64.rpm perf-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm python-perf-3.10.0-693.60.1.el7.x86_64.rpm python-perf-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm
Red Hat Enterprise Linux Server TUS (v. 7.4):
Source: kernel-3.10.0-693.60.1.el7.src.rpm
noarch: kernel-abi-whitelists-3.10.0-693.60.1.el7.noarch.rpm kernel-doc-3.10.0-693.60.1.el7.noarch.rpm
x86_64: kernel-3.10.0-693.60.1.el7.x86_64.rpm kernel-debug-3.10.0-693.60.1.el7.x86_64.rpm kernel-debug-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm kernel-debug-devel-3.10.0-693.60.1.el7.x86_64.rpm kernel-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-693.60.1.el7.x86_64.rpm kernel-devel-3.10.0-693.60.1.el7.x86_64.rpm kernel-headers-3.10.0-693.60.1.el7.x86_64.rpm kernel-tools-3.10.0-693.60.1.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm kernel-tools-libs-3.10.0-693.60.1.el7.x86_64.rpm perf-3.10.0-693.60.1.el7.x86_64.rpm perf-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm python-perf-3.10.0-693.60.1.el7.x86_64.rpm python-perf-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm
Red Hat Enterprise Linux Server Optional AUS (v. 7.4):
x86_64: kernel-debug-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm kernel-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-693.60.1.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm kernel-tools-libs-devel-3.10.0-693.60.1.el7.x86_64.rpm perf-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm python-perf-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm
Red Hat Enterprise Linux Server Optional E4S (v. 7.4):
ppc64le: kernel-debug-debuginfo-3.10.0-693.60.1.el7.ppc64le.rpm kernel-debug-devel-3.10.0-693.60.1.el7.ppc64le.rpm kernel-debuginfo-3.10.0-693.60.1.el7.ppc64le.rpm kernel-debuginfo-common-ppc64le-3.10.0-693.60.1.el7.ppc64le.rpm kernel-tools-debuginfo-3.10.0-693.60.1.el7.ppc64le.rpm kernel-tools-libs-devel-3.10.0-693.60.1.el7.ppc64le.rpm perf-debuginfo-3.10.0-693.60.1.el7.ppc64le.rpm python-perf-debuginfo-3.10.0-693.60.1.el7.ppc64le.rpm
x86_64: kernel-debug-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm kernel-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-693.60.1.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm kernel-tools-libs-devel-3.10.0-693.60.1.el7.x86_64.rpm perf-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm python-perf-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm
Red Hat Enterprise Linux Server Optional TUS (v. 7.4):
x86_64: kernel-debug-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm kernel-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-693.60.1.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm kernel-tools-libs-devel-3.10.0-693.60.1.el7.x86_64.rpm perf-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm python-perf-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/
- References:
https://access.redhat.com/security/cve/CVE-2019-9506 https://access.redhat.com/security/updates/classification/#important
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2019 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1
iQIVAwUBXbAXitzjgjWX9erEAQh25A/9FrjeF3eVkgGwc/RvTRPF/Qqb44x+l61E KceVqzr3avw9TDoiCA8e35ZYwNBvpN6YW/VDiI0vSyj2nQp57xFK48ybhUvXGUKL A2dXn793a3ZBKIp4wVVQKyjBsAI31MT/AZDKrzlugszWlV25u/mc2tC4Yndbe+8e Lbwf2VvKdvtlH26Cadv1UN9YsnmtQuNdGp9NrRbttTCW9rMmHtkoQ/yT4rcS/7Fl 1tu2j2Yoi0GEG9wXWda7cbpd2jLCcpjwIYnrjRNOuMNVSugRKRcAY1rMwpL5dVpA rx2bi3X3HhCpGTgZSJbl9fz2f1J71o9WoUSybaT36Uc50iOs7anoHc82XPGFvkak xg+mkIVNkwGxW9pkum8tZANjhDwyGJl0bpS98zkzpNiBqdrGdN4V9qMmhqmEa/lT lQ7haJR1rqboIzS5uSpTL/a79blwDjnMNsZ3D+c6xFfjsq8yu1zGfDWBbMdoc1Zo 3CNT4+pdBr5ASdlE7R3G+8Zx77WSK2MLxRnzzHBF6KphF4LOOUJmefpZ0KQRGkN8 zOKjvsynVKSzqt++WJrij+U74KL65PZokF8kKSc0yDhgYRaeqK6QIwe+Dbn/YUsn RNBi1ZoILHB9nMxbT5OlEVf/0EJl7oD1zINT0n7S8b86gRnfHdMLlvZ1Kcfjs0Sy Vdo262+aA6k= =FkCN -----END PGP SIGNATURE-----
-- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201908-1958",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "cornell-tl10b",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.333\\(c01e333r1p1t8\\)"
},
{
"model": "p30",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"model": "lelandp-l22d",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"model": "leland-tl10b",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"model": "columbia-tl00d",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "8.1.0.186\\(c01gt\\)"
},
{
"model": "y6 2019",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "19.04"
},
{
"model": "tvos",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "12.4"
},
{
"model": "cairogo-l22",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "cairogo-l22c461b153"
},
{
"model": "enterprise linux server",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.0"
},
{
"model": "princeton-tl10c",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"model": "ever-l29b",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.338\\(c185e3r3p1\\)"
},
{
"model": "princeton-al10d",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"model": "cornell-l29a",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.341\\(c185e1r1p9t8\\)"
},
{
"model": "emily-l29c",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.325\\(c185e2r1p12t8\\)"
},
{
"model": "leland-l32c",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"model": "yale-tl00b",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"model": "berkeley-l09",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.350\\(c10e3r1p14t8\\)"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.12.6"
},
{
"model": "bla-l29c",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.307\\(c635e4r1p13t8\\)"
},
{
"model": "virtualization host eus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "4.2"
},
{
"model": "nova 3",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"model": "enterprise linux eus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.7"
},
{
"model": "laya-al00ep",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"model": "bla-l29c",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.306\\(c432e4r1p11t8\\)"
},
{
"model": "figo-l31",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.158\\(c432e8r1p5t8\\)"
},
{
"model": "charlotte-l29c",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.328\\(c782e10r1p9t8\\)"
},
{
"model": "enterprise linux eus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.6"
},
{
"model": "berkeley-l09",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.332\\(c432e5r1p13t8\\)"
},
{
"model": "lelandp-l22c",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"model": "ares-al10d",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.160\\(c00e160r2p5t8\\)"
},
{
"model": "y6 prime 2018",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"model": "sydney-l21",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "18.04"
},
{
"model": "cornell-al00ind",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "8.2.0.141\\(c675custc675d1gt\\)"
},
{
"model": "leap",
"scope": "eq",
"trust": 1.0,
"vendor": "opensuse",
"version": "15.0"
},
{
"model": "paris-al00ic",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"model": "atomu-l42",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "8.0.0.155\\(c636custc636d1\\)"
},
{
"model": "enterprise linux server tus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.3"
},
{
"model": "honor 20 pro",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.155\\(c10e2r3p1\\)"
},
{
"model": "madrid-tl00a",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "8.0"
},
{
"model": "enterprise linux aus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.5"
},
{
"model": "enterprise linux for real time for nfv",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "8"
},
{
"model": "florida-l21",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.150\\(c185e6r1p5t8\\)"
},
{
"model": "columbia-l29d",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.350\\(c636e3r1p13t8\\)"
},
{
"model": "enterprise linux server tus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "8.4"
},
{
"model": "figo-l31",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.137\\(c33e8r1p5t8\\)"
},
{
"model": "honor 20 pro",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.171\\(c10e2r3p1\\)"
},
{
"model": "leland-tl10c",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"model": "madrid-al00a",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"model": "cornell-al10ind",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.363\\(c675e2r1p9t8\\)"
},
{
"model": "nova 5i pro",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"model": "jakarta-al00a",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"model": "yale-l21a",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"model": "cornell-al00a",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.333\\(c00e333r1p1t8\\)"
},
{
"model": "columbia-l29d",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.351\\(c432e5r1p13t8\\)"
},
{
"model": "nova lite 3",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"model": "honor 20 pro",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.172\\(c432e2r5p1\\)"
},
{
"model": "enterprise linux tus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.6"
},
{
"model": "cornell-l29a",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.336\\(c636e2r1p12t8\\)"
},
{
"model": "enterprise linux for real time",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7"
},
{
"model": "sydney-l22",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"model": "dura-tl00a",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "1.0.0.176\\(c01\\)"
},
{
"model": "p20",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"model": "y9 2019",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"model": "potter-al00c",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"model": "florida-tl10b",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.128\\(c01e112r1p6t8\\)"
},
{
"model": "sydneym-l22",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"model": "enterprise linux server aus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.7"
},
{
"model": "lelandp-al10b",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"model": "berkeley-tl10",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.333\\(c01e333r1p1t8\\)"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "16.04"
},
{
"model": "enterprise linux eus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "8.2"
},
{
"model": "enterprise linux server aus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.6"
},
{
"model": "p30 pro",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"model": "cornell-l29a",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.342\\(c461e1r1p9t8\\)"
},
{
"model": "enterprise linux server aus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.4"
},
{
"model": "figo-l23",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.160\\(c605e6r1p5t8\\)"
},
{
"model": "imanager neteco 6000",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"model": "berkeley-l09",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.350\\(c636e4r1p13t8\\)"
},
{
"model": "emily-l29c",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.328\\(c432e7r1p11t8\\)"
},
{
"model": "honor 20 pro",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.154\\(c432e2r5p1\\)"
},
{
"model": "tony-tl00b",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"model": "harry-al00c",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"model": "florida-l22",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.150\\(c636e6r1p5t8\\)"
},
{
"model": "honor 20",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.149\\(c675e8r2p1\\)"
},
{
"model": "enterprise linux server aus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "8.2"
},
{
"model": "honor 20 pro",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.170\\(c185e2r5p1\\)"
},
{
"model": "nova 5",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"model": "leland-l42c",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"model": "honor 8a",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"model": "lelandp-al10d",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"model": "figo-tl10b",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.130\\(c01e115r2p8t8\\)"
},
{
"model": "tony-al00b",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"model": "bla-l29c",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.306\\(c185e2r1p13t8\\)"
},
{
"model": "london-al40ind",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"model": "harry-al10b",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"model": "johnson-tl00d",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"model": "alp-al00b",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.333\\(c00e333r2p1t8\\)"
},
{
"model": "emily-l29c",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.326\\(c635e2r1p11t8\\)"
},
{
"model": "p smart",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"model": "enterprise linux eus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "8.1"
},
{
"model": "asoka-al00ax",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.1.181\\(c00e48r6p1\\)"
},
{
"model": "columbia-al10i",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.335\\(c675e8r1p9t8\\)"
},
{
"model": "sydneym-l23",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"model": "ares-tl00c",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.165\\(c01e165r2p5t8\\)"
},
{
"model": "enterprise linux for real time for nfv eus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "8.2"
},
{
"model": "cornell-l29a",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.347\\(c432e1r1p9t8\\)"
},
{
"model": "enterprise linux for real time eus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "8.2"
},
{
"model": "katyusha-al00a",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"model": "paris-l29b",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"model": "sydneym-l01",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"model": "florida-al20b",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.128\\(c00e112r1p6t8\\)"
},
{
"model": "columbia-l29d",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.350\\(c185e3r1p12t8\\)"
},
{
"model": "potter-al10a",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "debian",
"version": "8.0"
},
{
"model": "yale-l61c",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"model": "iphone os",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "12.4"
},
{
"model": "sydney-l22br",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"model": "sydneym-al00",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"model": "charlotte-l29c",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.328\\(c432e5r1p9t8\\)"
},
{
"model": "honor 20 pro",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.170\\(c636e2r3p1\\)"
},
{
"model": "enterprise linux eus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "8.4"
},
{
"model": "dubai-al00a",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "8.2.0.190\\(c00r2p2\\)"
},
{
"model": "android",
"scope": "eq",
"trust": 1.0,
"vendor": "google",
"version": null
},
{
"model": "charlotte-l29c",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.311\\(c605e2r1p11t8\\)"
},
{
"model": "honor 20",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.143\\(c675e8r2p1\\)"
},
{
"model": "hima-l29c",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"model": "atomu-l33",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "8.0.0.147\\(c605custc605d1\\)"
},
{
"model": "enterprise linux for real time for nfv",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7"
},
{
"model": "bla-tl00b",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.329\\(c01e320r1p1t8\\)"
},
{
"model": "emily-l29c",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.325\\(c636e7r1p13t8\\)"
},
{
"model": "dura-al00a",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "1.0.0.182\\(c00\\)"
},
{
"model": "charlotte-l29c",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.325\\(c636e2r1p12t8\\)"
},
{
"model": "emily-l29c",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "8.1.0.156\\(c605\\)"
},
{
"model": "p smart 2019",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"model": "mac os x",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.14.5"
},
{
"model": "harry-tl00c",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"model": "enterprise linux for real time",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "8"
},
{
"model": "y6 pro 2019",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"model": "honor view 10",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"model": "berkeley-al20",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.333\\(c00e333r2p1t8\\)"
},
{
"model": "johnson-tl00f",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"model": "figo-l31",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.122\\(c09e7r1p5t8\\)"
},
{
"model": "columbia-l29d",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.350\\(c10e5r1p14t8\\)"
},
{
"model": "yalep-al10b",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"model": "florida-l23",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.154\\(c605e7r1p2t8\\)"
},
{
"model": "yale-al50a",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"model": "emily-l29c",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.311\\(c461e2r1p11t8\\)"
},
{
"model": "enterprise linux for real time for nfv eus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "8.4"
},
{
"model": "enterprise linux server tus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.7"
},
{
"model": "enterprise linux for real time eus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "8.4"
},
{
"model": "honor 8x",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"model": "figo-l31",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "8.0.0.122d\\(c652\\)"
},
{
"model": "mate 20 x",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"model": "cornell-al00i",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.363\\(c675e3r1p9t8\\)"
},
{
"model": "enterprise linux server tus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.6"
},
{
"model": "enterprise linux server tus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.4"
},
{
"model": "nova 4",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"model": "leland-l42a",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"model": "sydney-al00",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"model": "figo-l31",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.165\\(c10e8r1p5t8\\)"
},
{
"model": "honor 20 pro",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.154\\(c636e2r3p1\\)"
},
{
"model": "columbia-l29d",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.350\\(c461e3r1p11t8\\)"
},
{
"model": "enterprise linux server tus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "8.2"
},
{
"model": "leland-l32a",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"model": "neo-al00d",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"model": "sydneym-l03",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"model": "honor 20 pro",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.154\\(c185e2r5p1\\)"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.13.6"
},
{
"model": "bla-l29c",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.300\\(c605e2r1p12t8\\)"
},
{
"model": "lelandp-l22a",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"model": "charlotte-l29c",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.325\\(c185e4r1p11t8\\)"
},
{
"model": "leland-l31a",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"model": "atomu-l41",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "8.0.0.153\\(c461custc461d1\\)"
},
{
"model": "imanager neteco",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"model": "paris-l21b",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"model": "enterprise linux server aus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.3"
},
{
"model": "mate 20 pro",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"model": "mrg realtime",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "2.0"
},
{
"model": "y5 2018",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"model": "yale-al00a",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"model": "sydney-tl00",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"model": "bla-l29c",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.306\\(c636e2r1p13t8\\)"
},
{
"model": "lelandp-al00c",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"model": "sydney-l21br",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"model": "columbia-al10b",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.333\\(c00e333r1p1t8\\)"
},
{
"model": "p20 pro",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"model": "honor view 20",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"model": "enterprise linux server aus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "8.4"
},
{
"model": "barca-al00",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "8.0.0.366\\(c00\\)"
},
{
"model": "leland-l21a",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"model": "paris-l21meb",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"model": "princeton-al10b",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"model": "florida-l21",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.150\\(c432e6r1p5t8\\)"
},
{
"model": "ares-al00b",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.160\\(c00e160r2p5t8\\)"
},
{
"model": "mate 20",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"model": "watchos",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "5.3"
},
{
"model": "honor 10 lite",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"model": "y5 lite",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"model": "bla-al00b",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.329\\(c786e320r2p1t8\\)"
},
{
"model": "figo-l31",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.137\\(c530e8r1p5t8\\)"
},
{
"model": "leap",
"scope": "eq",
"trust": 1.0,
"vendor": "opensuse",
"version": "15.1"
},
{
"model": "y7 2019",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"model": "sydneym-l21",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "blackberry",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "bluetooth sig",
"version": null
},
{
"model": "br/edr core",
"scope": "lte",
"trust": 0.8,
"vendor": "bluetooth sig",
"version": "v5.1"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#918987"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-007618"
},
{
"db": "NVD",
"id": "CVE-2019-9506"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:misc:bluetooth_br_edr_core",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-007618"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Red Hat",
"sources": [
{
"db": "PACKETSTORM",
"id": "156058"
},
{
"db": "PACKETSTORM",
"id": "155121"
},
{
"db": "PACKETSTORM",
"id": "157216"
},
{
"db": "PACKETSTORM",
"id": "155017"
},
{
"db": "PACKETSTORM",
"id": "155004"
},
{
"db": "PACKETSTORM",
"id": "154879"
},
{
"db": "PACKETSTORM",
"id": "154936"
},
{
"db": "PACKETSTORM",
"id": "154949"
}
],
"trust": 0.8
},
"cve": "CVE-2019-9506",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 6.5,
"id": "CVE-2019-9506",
"impactScore": 4.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.1,
"vectorString": "AV:A/AC:L/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "LOW",
"accessVector": "ADJACENT NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"availabilityRequirement": "NOT DEFINED",
"baseScore": 7.8,
"collateralDamagePotential": "NOT DEFINED",
"confidentialityImpact": "COMPLETE",
"confidentialityRequirement": "NOT DEFINED",
"enviromentalScore": 7.8,
"exploitability": "NOT DEFINED",
"exploitabilityScore": 6.5,
"id": "CVE-2019-9506",
"impactScore": 9.2,
"integrityImpact": "COMPLETE",
"integrityRequirement": "NOT DEFINED",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"remediationLevel": "NOT DEFINED",
"reportConfidence": "NOT DEFINED",
"severity": "HIGH",
"targetDistribution": "NOT DEFINED",
"trust": 0.8,
"userInteractionRequired": null,
"vector_string": "AV:A/AC:L/Au:N/C:C/I:C/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 6.5,
"id": "VHN-160941",
"impactScore": 4.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:A/AC:L/AU:N/C:P/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"id": "CVE-2019-9506",
"impactScore": 5.2,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "cret@cert.org",
"availabilityImpact": "LOW",
"baseScore": 7.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"id": "CVE-2019-9506",
"impactScore": 4.7,
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2019-9506",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "cret@cert.org",
"id": "CVE-2019-9506",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2019-9506",
"trust": 0.8,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201908-864",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-160941",
"trust": 0.1,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2019-9506",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#918987"
},
{
"db": "VULHUB",
"id": "VHN-160941"
},
{
"db": "VULMON",
"id": "CVE-2019-9506"
},
{
"db": "CNNVD",
"id": "CNNVD-201908-864"
},
{
"db": "NVD",
"id": "CVE-2019-9506"
},
{
"db": "NVD",
"id": "CVE-2019-9506"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The Bluetooth BR/EDR specification up to and including version 5.1 permits sufficiently low encryption key length and does not prevent an attacker from influencing the key length negotiation. This allows practical brute-force attacks (aka \"KNOB\") that can decrypt traffic and inject arbitrary ciphertext without the victim noticing. Bluetooth BR/EDR The entropy negotiation of the encryption key used for encryption on the connection has a problem that is vulnerable to man-in-the-middle attacks by design. A third party Bluetooth BR/EDR The entropy of the encryption key used for communication 1 Force byte (Key Negotiation Of Bluetooth (KNOB) attack) Brute force attacks on subsequent communications (Brute force attack) May be able to decrypt and intercept the contents. Bluetooth Is Bluetooth Basic Rate / Enhanced Data Rate (Bluetooth BR/EDR) Includes core configuration 6 A short-range wireless technology based on different core specifications and used for low-power short-range communications. Bluetooth To establish encrypted communication for 2 Horn Bluetooth You need to establish a link key that the device will pair and use to generate the encryption key used for encryption at the link layer. The entropy of the encryption key is 1 From bytes 16 In bytes length Bluetooth Set between controllers. When an attacker interrupts the encryption key entropy setting request between controllers and each controller accepts a low entropy setting, encrypted communication with low entropy is forced, resulting in a brute force attack (Brute force attack) Because of this, communication between devices may be easily decrypted.Man-in-the-middle attacks (man-in-the-middle attack) There is a possibility of eavesdropping on encrypted communication by. An encryption issue vulnerability exists in Bluetooth BR/EDR 5.1 and earlier versions. The vulnerability stems from incorrect use of relevant cryptographic algorithms by network systems or products, resulting in improperly encrypted content, weak encryption, and storing sensitive information in plain text. The attack must be performed during negotiation or renegotiation of a paired device connection; existing sessions cannot be attacked. \nThis advisory will be updated as additional information becomes available. There are no workarounds that address this vulnerability. \n\nThis advisory is available at the following link:\ntools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190813-bluetooth. 8.0) - aarch64, noarch, ppc64le, s390x, x86_64\n\n3. \n\nBug Fix(es):\n\n* Backport TCP follow-up for small buffers (BZ#1739184)\n\n* TCP performance regression after CVE-2019-11478 bug fix (BZ#1743170)\n\n* RHEL8.0 - bnx2x link down, caused by transmit timeouts during load test\n(Marvell/Cavium/QLogic) (L3:) (BZ#1743548)\n\n* block: blk-mq improvement (BZ#1780567)\n\n* RHEL8.0 - Regression to RHEL7.6 by changing force_latency found during\nRHEL8.0 validation for SAP HANA on POWER (BZ#1781111)\n\n* blk-mq: overwirte performance drops on real MQ device (BZ#1782183)\n\n* RHEL8: creating vport takes lot of memory i.e 2GB per vport which leads\nto drain out system memory quickly. (BZ#1782705)\n\n4. 8) - x86_64\n\n3. Description:\n\nThe kernel-rt packages provide the Real Time Linux Kernel, which enables\nfine-tuning for systems with extremely high determinism requirements. \n\nSecurity Fix(es):\n\n* kernel: nfs: use-after-free in svc_process_common() (CVE-2018-16884)\n\n* Kernel: vhost_net: infinite loop while receiving packets leads to DoS\n(CVE-2019-3900)\n\n* Kernel: page cache side channel attacks (CVE-2019-5489)\n\n* hardware: bluetooth: BR/EDR encryption key negotiation attacks (KNOB)\n(CVE-2019-9506)\n\n* kernel: Heap overflow in mwifiex_uap_parse_tail_ies function in\ndrivers/net/wireless/marvell/mwifiex/ie.c (CVE-2019-10126)\n\n* Kernel: KVM: OOB memory access via mmio ring buffer (CVE-2019-14821)\n\n* kernel: Information Disclosure in crypto_report_one in\ncrypto/crypto_user.c (CVE-2018-19854)\n\n* kernel: usb: missing size check in the __usb_get_extra_descriptor()\nleading to DoS (CVE-2018-20169)\n\n* kernel: Heap address information leak while using L2CAP_GET_CONF_OPT\n(CVE-2019-3459)\n\n* kernel: Heap address information leak while using L2CAP_PARSE_CONF_RSP\n(CVE-2019-3460)\n\n* kernel: SCTP socket buffer memory leak leading to denial of service\n(CVE-2019-3874)\n\n* kernel: denial of service vector through vfio DMA mappings\n(CVE-2019-3882)\n\n* kernel: null-pointer dereference in hci_uart_set_flow_control\n(CVE-2019-10207)\n\n* kernel: fix race condition between mmget_not_zero()/get_task_mm() and\ncore dumping (CVE-2019-11599)\n\n* kernel: fs/ext4/extents.c leads to information disclosure\n(CVE-2019-11833)\n\n* kernel: sensitive information disclosure from kernel stack memory via\nHIDPCONNADD command (CVE-2019-11884)\n\n* kernel: use-after-free in arch/x86/lib/insn-eval.c (CVE-2019-13233)\n\n* kernel: memory leak in register_queue_kobjects() in net/core/net-sysfs.c\nleads to denial of service (CVE-2019-15916)\n\n* kernel: oob memory read in hso_probe in drivers/net/usb/hso.c\n(CVE-2018-19985)\n\n* Kernel: KVM: leak of uninitialized stack contents to guest\n(CVE-2019-7222)\n\n* Kernel: net: weak IP ID generation leads to remote device tracking\n(CVE-2019-10638)\n\nFor more details about the security issue(s), including the impact, a CVSS\nscore, acknowledgments, and other related information, refer to the CVE\npage(s) listed in the References section. Bugs fixed (https://bugzilla.redhat.com/):\n\n1656986 - CVE-2018-19854 kernel: Information Disclosure in crypto_report_one in crypto/crypto_user.c\n1660375 - CVE-2018-16884 kernel: nfs: use-after-free in svc_process_common()\n1660385 - CVE-2018-20169 kernel: usb: missing size check in the __usb_get_extra_descriptor() leading to DoS\n1663176 - CVE-2019-3459 kernel: Heap address information leak while using L2CAP_GET_CONF_OPT\n1663179 - CVE-2019-3460 kernel: Heap address information leak while using L2CAP_PARSE_CONF_RSP\n1664110 - CVE-2019-5489 Kernel: page cache side channel attacks\n1666106 - CVE-2018-19985 kernel: oob memory read in hso_probe in drivers/net/usb/hso.c\n1671930 - CVE-2019-7222 Kernel: KVM: leak of uninitialized stack contents to guest\n1678887 - RT: update RT source tree to the RHEL-8.1 tree\n1686373 - CVE-2019-3874 kernel: SCTP socket buffer memory leak leading to denial of service\n1689426 - CVE-2019-3882 kernel: denial of service vector through vfio DMA mappings\n1698757 - CVE-2019-3900 Kernel: vhost_net: infinite loop while receiving packets leads to DoS\n1700666 - Make kernel-rt require rt-setup\n1705937 - CVE-2019-11599 kernel: fix race condition between mmget_not_zero()/get_task_mm() and core dumping\n1709837 - CVE-2019-11884 kernel: sensitive information disclosure from kernel stack memory via HIDPCONNADD command\n1712072 - CVE-2019-11833 kernel: fs/ext4/extents.c leads to information disclosure\n1716992 - CVE-2019-10126 kernel: Heap overflow in mwifiex_uap_parse_tail_ies function in drivers/net/wireless/marvell/mwifiex/ie.c\n1724657 - BUG: scheduling while atomic in zswap\n1727756 - CVE-2019-13233 kernel: use-after-free in arch/x86/lib/insn-eval.c\n1727857 - CVE-2019-9506 hardware: bluetooth: BR/EDR encryption key negotiation attacks (KNOB)\n1728765 - BUG: scheduling while atomic: rcuc/13/134/0x00000002\n1729931 - CVE-2019-10638 Kernel: net: weak IP ID generation leads to remote device tracking\n1733472 - BUG: scheduling while atomic: rcuc/1/24/0x00000002\n1733874 - CVE-2019-10207 kernel: null-pointer dereference in hci_uart_set_flow_control\n1743931 - BUG: unable to handle kernel NULL pointer dereference at 0000000000000020\n1745646 - [RT] sched/fair: Robustify CFS-bandwidth timer locking\n1746708 - CVE-2019-14821 Kernel: KVM: OOB memory access via mmio ring buffer\n1750813 - CVE-2019-15916 kernel: memory leak in register_queue_kobjects() in net/core/net-sysfs.c leads to denial of service\n\n6. \n\nBug Fix(es):\n\n* port show-kabi to python3 (BZ#1806924)\n\n4. 7.6) - ppc64le, x86_64\n\n3. Description:\n\nThis is a kernel live patch module which is automatically loaded by the RPM\npost-install script to modify the code of a running kernel. Solution:\n\nBefore applying this update, make sure all previously released errata\nrelevant to your system have been applied. \n\nBug Fix(es):\n\n* kernel build: parallelize redhat/mod-sign.sh (BZ#1755326)\n\n4. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA256\n\nAPPLE-SA-2019-8-13-1 Additional information for\nAPPLE-SA-2019-7-22-2 macOS Mojave 10.14.6, Security Update\n2019-004 High Sierra, Security Update 2019-004 Sierra\n\nmacOS Mojave 10.14.6, Security Update 2019-004 High Sierra,\nSecurity Update 2019-004 Sierra address the\nfollowing:\n\nAppleGraphicsControl\nAvailable for: macOS Mojave 10.14.5\nImpact: An application may be able to read restricted memory\nDescription: A validation issue was addressed with improved input\nsanitization. \nCVE-2019-8693: Arash Tohidi of Solita\n\nautofs\nAvailable for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6, macOS\nMojave 10.14.5\nImpact: Extracting a zip file containing a symbolic link to an\nendpoint in an NFS mount that is attacker controlled may bypass\nGatekeeper\nDescription: This was addressed with additional checks by Gatekeeper\non files mounted through a network share. \nCVE-2019-8656: Filippo Cavallarin\n\nBluetooth\nAvailable for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6, macOS\nMojave 10.14.5\nImpact: A remote attacker may be able to cause arbitrary code\nexecution\nDescription: A memory corruption issue was addressed with improved\ninput validation. \nCVE-2018-19860\n\nBluetooth\nAvailable for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6, macOS\nMojave 10.14.5\nImpact: An attacker in a privileged network position may be able to\nintercept Bluetooth traffic (Key Negotiation of Bluetooth - KNOB)\nDescription: An input validation issue existed in Bluetooth. This\nissue was addressed with improved input validation. \nCVE-2019-9506: Daniele Antonioli of SUTD, Singapore, Dr. Nils Ole\nTippenhauer of CISPA, Germany, and Prof. Kasper Rasmussen of\nUniversity of Oxford, England\nEntry added August 13, 2019\n\nCarbon Core\nAvailable for: macOS Mojave 10.14.5\nImpact: A remote attacker may be able to cause arbitrary code\nexecution\nDescription: A use after free issue was addressed with improved\nmemory management. \nCVE-2019-8661: Natalie Silvanovich of Google Project Zero\n\nCore Data\nAvailable for: macOS Mojave 10.14.5\nImpact: A remote attacker may be able to leak memory\nDescription: An out-of-bounds read was addressed with improved input\nvalidation. \nCVE-2019-8646: Natalie Silvanovich of Google Project Zero\n\nCore Data\nAvailable for: macOS Mojave 10.14.5\nImpact: A remote attacker may be able to cause unexpected application\ntermination or arbitrary code execution\nDescription: A memory corruption issue was addressed with improved\ninput validation. \nCVE-2019-8660: Samuel Gro\u00df and Natalie Silvanovich of Google Project\nZero\n\nDisk Management\nAvailable for: macOS Mojave 10.14.5\nImpact: An application may be able to execute arbitrary code with\nsystem privileges\nDescription: A memory corruption issue was addressed with improved\nmemory handling. \nCVE-2019-8697: ccpwd working with Trend Micro\u0027s Zero Day Initiative\n\nFaceTime\nAvailable for: macOS Mojave 10.14.5\nImpact: A remote attacker may be able to cause arbitrary code\nexecution\nDescription: A memory corruption issue was addressed with improved\ninput validation. \nCVE-2019-8648: Tao Huang and Tielei Wang of Team Pangu\n\nFound in Apps\nAvailable for: macOS Mojave 10.14.5\nImpact: A remote attacker may be able to leak memory\nDescription: This issue was addressed with improved checks. \nCVE-2019-8663: Natalie Silvanovich of Google Project Zero\n\nFoundation\nAvailable for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6, macOS\nMojave 10.14.5\nImpact: A remote attacker may be able to cause unexpected application\ntermination or arbitrary code execution\nDescription: An out-of-bounds read was addressed with improved input\nvalidation. \nCVE-2019-8641: Samuel Gro\u00df and Natalie Silvanovich of Google Project\nZero\n\nGrapher\nAvailable for: macOS Mojave 10.14.5\nImpact: An application may be able to execute arbitrary code with\nsystem privileges\nDescription: A memory corruption issue was addressed with improved\nmemory handling. \nCVE-2019-8695: riusksk of VulWar Corp working with Trend Micro\u0027s Zero\nDay Initiative\n\nGraphics Drivers\nAvailable for: macOS High Sierra 10.13.6, macOS Mojave 10.14.5\nImpact: An application may be able to read restricted memory\nDescription: A validation issue was addressed with improved input\nsanitization. \nCVE-2019-8691: Aleksandr Tarasikov (@astarasikov), Arash Tohidi of\nSolita, Lilang Wu and Moony Li of Trend Micro\u0027s Mobile Security\nResearch Team working with Trend Micro\u0027s Zero Day Initiative\nCVE-2019-8692: Lilang Wu and Moony Li of Trend Micro Mobile Security\nResearch Team working with Trend Micro\u0027s Zero Day Initiative\n\nHeimdal\nAvailable for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6, macOS\nMojave 10.14.5\nImpact: An issue existed in Samba that may allow attackers to perform\nunauthorized actions by intercepting communications between services\nDescription: This issue was addressed with improved checks to prevent\nunauthorized actions. \nCVE-2018-16860: Isaac Boukris and Andrew Bartlett of the Samba Team\nand Catalyst\n\nIOAcceleratorFamily\nAvailable for: macOS Mojave 10.14.5\nImpact: An application may be able to execute arbitrary code with\nkernel privileges\nDescription: A memory corruption issue was addressed with improved\nmemory handling. \nCVE-2019-8694: Arash Tohidi of Solita\n\nlibxslt\nAvailable for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6, macOS\nMojave 10.14.5\nImpact: A remote attacker may be able to view sensitive information\nDescription: A stack overflow was addressed with improved input\nvalidation. \nCVE-2019-13118: found by OSS-Fuzz\n\nQuick Look\nAvailable for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6, macOS\nMojave 10.14.5\nImpact: An attacker may be able to trigger a use-after-free in an\napplication deserializing an untrusted NSDictionary\nDescription: This issue was addressed with improved checks. \nCVE-2019-8662: Natalie Silvanovich and Samuel Gro\u00df of Google Project\nZero\n\nSecurity\nAvailable for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6\nImpact: An application may be able to execute arbitrary code with\nsystem privileges\nDescription: A memory corruption issue was addressed with improved\nmemory handling. \nCVE-2019-8697: ccpwd working with Trend Micro\u0027s Zero Day Initiative\n\nSiri\nAvailable for: macOS Mojave 10.14.5\nImpact: A remote attacker may be able to leak memory\nDescription: An out-of-bounds read was addressed with improved input\nvalidation. \nCVE-2019-8646: Natalie Silvanovich of Google Project Zero\n\nTime Machine\nAvailable for: macOS Mojave 10.14.5\nImpact: The encryption status of a Time Machine backup may be\nincorrect\nDescription: An inconsistent user interface issue was addressed with\nimproved state management. \nCVE-2019-8667: Roland Kletzing of cyber:con GmbH\n\nUIFoundation\nAvailable for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6, macOS\nMojave 10.14.5\nImpact: Parsing a maliciously crafted office document may lead to an\nunexpected application termination or arbitrary code execution\nDescription: An out-of-bounds read was addressed with improved input\nvalidation. \nCVE-2019-8657: riusksk of VulWar Corp working with Trend Micro\u0027s Zero\nDay Initiative\n\nAdditional recognition\n\nClassroom\nWe would like to acknowledge Jeff Johnson of underpassapp.com for\ntheir assistance. \n\nGame Center\nWe would like to acknowledge Min (Spark) Zheng and Xiaolong Bai of\nAlibaba Inc. for their assistance. \n\nInstallation note:\n\nmacOS Mojave 10.14.6, Security Update 2019-004 High Sierra,\nSecurity Update 2019-004 Sierra may be obtained from the\nMac App Store or Apple\u0027s Software Downloads web site:\nhttps://support.apple.com/downloads/\n\nInformation will also be posted to the Apple Security Updates\nweb site: https://support.apple.com/kb/HT201222\n\nThis message is signed with Apple\u0027s Product Security PGP key,\nand details are available at:\nhttps://www.apple.com/support/security/pgp/\n-----BEGIN PGP SIGNATURE-----\n\niQJdBAEBCABHFiEEDNXJVNCJJEAVmJdZeC9tht7TK3EFAl1S688pHHByb2R1Y3Qt\nc2VjdXJpdHktbm9yZXBseUBsaXN0cy5hcHBsZS5jb20ACgkQeC9tht7TK3Hiog/+\nPcWPEhxDpnU1ctoVPhyoqkV1tUs8z3hdNyX/tPtQZIQVFB7No1Md0GX8Zrv2libb\nLwrbU25ewe82XE9Es6ngxTdkRaREn8+hm9gxYPCMDXyKRlv904Q1b4zthYUt7/NO\n7RG6ZRHEINOQORzrDsmgT/X6TukIy73HNob+4xZJTdJe9ZU3/zDCaqUgyUJSodou\nvsVFR3oqkwbVby4eT9+YbxJWMvVoFfB1+Qqo1w9kN7WXcYK3gb7sGtnNQlrE70kR\npLRogcmwTQsi+sTm8bxQsuXXjdtTHeeCf0FRJg8NY5wZmdV9lNOghtmNxfTwIuir\nVeWusIgZWaK7IbgHW3PRYv3Sbrk40zcOraDsPv2rdgjOj4ReVyKHw5/f5Fyhcn+v\nWnIC4iNIBurz0HZU91QqD58Sqp+HtWl8xkM3ZW+Kd9LjnLty3fNw6Au5Aw8DTHzN\n5F+lz7JRVV3+j7AYELog3WV6mdzMKW85gJRJtwXJ8hHSYZnvat06faFlPcDiKjBW\nrW7BehRykZpmZtaSZjL25IeOuXJHHdRfvabuTZ3nk47SSn7EJJ3xFBnvw6TgVFX+\nTvmcUg5FinTSR81NkIY0ux6x1kuV/4vIUGZ4O0Houf/FoUhMQvig9ZkSw2B+Ynbd\nXl3qBT4SVPWQyFAvjHwjCZA+GpNsnEKgZm8SlYVgqog=\n=tCwo\n-----END PGP SIGNATURE-----\n. \n\nBug Fix(es):\n\n* kernel-rt: update to the RHEL7.7.z batch#2 source tree (BZ#1748570)\n\n4. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA256\n\n=====================================================================\n Red Hat Security Advisory\n\nSynopsis: Important: kernel security and bug fix update\nAdvisory ID: RHSA-2019:3187-01\nProduct: Red Hat Enterprise Linux\nAdvisory URL: https://access.redhat.com/errata/RHSA-2019:3187\nIssue date: 2019-10-23\nCVE Names: CVE-2019-9506 \n=====================================================================\n\n1. Summary:\n\nAn update for kernel is now available for Red Hat Enterprise Linux 7.4\nAdvanced Update Support, Red Hat Enterprise Linux 7.4 Telco Extended Update\nSupport, and Red Hat Enterprise Linux 7.4 Update Services for SAP\nSolutions. \n\nRed Hat Product Security has rated this update as having a security impact\nof Important. A Common Vulnerability Scoring System (CVSS) base score,\nwhich gives a detailed severity rating, is available for each vulnerability\nfrom the CVE link(s) in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat Enterprise Linux Server AUS (v. 7.4) - noarch, x86_64\nRed Hat Enterprise Linux Server E4S (v. 7.4) - noarch, ppc64le, x86_64\nRed Hat Enterprise Linux Server Optional AUS (v. 7.4) - x86_64\nRed Hat Enterprise Linux Server Optional E4S (v. 7.4) - ppc64le, x86_64\nRed Hat Enterprise Linux Server Optional TUS (v. 7.4) - x86_64\nRed Hat Enterprise Linux Server TUS (v. 7.4) - noarch, x86_64\n\n3. Description:\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system. \n\nSecurity Fix(es):\n\n* hardware: bluetooth: BR/EDR encryption key negotiation attacks (KNOB)\n(CVE-2019-9506)\n\nFor more details about the security issue(s), including the impact, a CVSS\nscore, acknowledgments, and other related information, refer to the CVE\npage(s) listed in the References section. \n\nBug Fix(es):\n\n* Fix possible Spectre-v1 bugs in wireless code (BZ#1706696)\n\n* powerpc/pseries: Disable CPU hotplug across migrations / powerpc/rtas:\nFix a potential race between CPU-Offline \u0026 Migration (LPM) (BZ#1745436)\n\n* powerpc/pseries: Fix unitialized timer reset on migration /\npowerpc/pseries/mobility: Extend start/stop topology update scope (LPM)\n(BZ#1745438)\n\n* ISST-LTE:PVM:Zeppelin :LPM: Failure logs and stack trace seen during LPM\n(POWER9/P9) (BZ#1745446)\n\n4. Solution:\n\nFor details on how to apply this update, which includes the changes\ndescribed in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect. \n\n5. Package List:\n\nRed Hat Enterprise Linux Server AUS (v. 7.4):\n\nSource:\nkernel-3.10.0-693.60.1.el7.src.rpm\n\nnoarch:\nkernel-abi-whitelists-3.10.0-693.60.1.el7.noarch.rpm\nkernel-doc-3.10.0-693.60.1.el7.noarch.rpm\n\nx86_64:\nkernel-3.10.0-693.60.1.el7.x86_64.rpm\nkernel-debug-3.10.0-693.60.1.el7.x86_64.rpm\nkernel-debug-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm\nkernel-debug-devel-3.10.0-693.60.1.el7.x86_64.rpm\nkernel-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm\nkernel-debuginfo-common-x86_64-3.10.0-693.60.1.el7.x86_64.rpm\nkernel-devel-3.10.0-693.60.1.el7.x86_64.rpm\nkernel-headers-3.10.0-693.60.1.el7.x86_64.rpm\nkernel-tools-3.10.0-693.60.1.el7.x86_64.rpm\nkernel-tools-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm\nkernel-tools-libs-3.10.0-693.60.1.el7.x86_64.rpm\nperf-3.10.0-693.60.1.el7.x86_64.rpm\nperf-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm\npython-perf-3.10.0-693.60.1.el7.x86_64.rpm\npython-perf-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm\n\nRed Hat Enterprise Linux Server E4S (v. 7.4):\n\nSource:\nkernel-3.10.0-693.60.1.el7.src.rpm\n\nnoarch:\nkernel-abi-whitelists-3.10.0-693.60.1.el7.noarch.rpm\nkernel-doc-3.10.0-693.60.1.el7.noarch.rpm\n\nppc64le:\nkernel-3.10.0-693.60.1.el7.ppc64le.rpm\nkernel-bootwrapper-3.10.0-693.60.1.el7.ppc64le.rpm\nkernel-debug-3.10.0-693.60.1.el7.ppc64le.rpm\nkernel-debug-debuginfo-3.10.0-693.60.1.el7.ppc64le.rpm\nkernel-debuginfo-3.10.0-693.60.1.el7.ppc64le.rpm\nkernel-debuginfo-common-ppc64le-3.10.0-693.60.1.el7.ppc64le.rpm\nkernel-devel-3.10.0-693.60.1.el7.ppc64le.rpm\nkernel-headers-3.10.0-693.60.1.el7.ppc64le.rpm\nkernel-tools-3.10.0-693.60.1.el7.ppc64le.rpm\nkernel-tools-debuginfo-3.10.0-693.60.1.el7.ppc64le.rpm\nkernel-tools-libs-3.10.0-693.60.1.el7.ppc64le.rpm\nperf-3.10.0-693.60.1.el7.ppc64le.rpm\nperf-debuginfo-3.10.0-693.60.1.el7.ppc64le.rpm\npython-perf-3.10.0-693.60.1.el7.ppc64le.rpm\npython-perf-debuginfo-3.10.0-693.60.1.el7.ppc64le.rpm\n\nx86_64:\nkernel-3.10.0-693.60.1.el7.x86_64.rpm\nkernel-debug-3.10.0-693.60.1.el7.x86_64.rpm\nkernel-debug-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm\nkernel-debug-devel-3.10.0-693.60.1.el7.x86_64.rpm\nkernel-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm\nkernel-debuginfo-common-x86_64-3.10.0-693.60.1.el7.x86_64.rpm\nkernel-devel-3.10.0-693.60.1.el7.x86_64.rpm\nkernel-headers-3.10.0-693.60.1.el7.x86_64.rpm\nkernel-tools-3.10.0-693.60.1.el7.x86_64.rpm\nkernel-tools-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm\nkernel-tools-libs-3.10.0-693.60.1.el7.x86_64.rpm\nperf-3.10.0-693.60.1.el7.x86_64.rpm\nperf-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm\npython-perf-3.10.0-693.60.1.el7.x86_64.rpm\npython-perf-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm\n\nRed Hat Enterprise Linux Server TUS (v. 7.4):\n\nSource:\nkernel-3.10.0-693.60.1.el7.src.rpm\n\nnoarch:\nkernel-abi-whitelists-3.10.0-693.60.1.el7.noarch.rpm\nkernel-doc-3.10.0-693.60.1.el7.noarch.rpm\n\nx86_64:\nkernel-3.10.0-693.60.1.el7.x86_64.rpm\nkernel-debug-3.10.0-693.60.1.el7.x86_64.rpm\nkernel-debug-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm\nkernel-debug-devel-3.10.0-693.60.1.el7.x86_64.rpm\nkernel-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm\nkernel-debuginfo-common-x86_64-3.10.0-693.60.1.el7.x86_64.rpm\nkernel-devel-3.10.0-693.60.1.el7.x86_64.rpm\nkernel-headers-3.10.0-693.60.1.el7.x86_64.rpm\nkernel-tools-3.10.0-693.60.1.el7.x86_64.rpm\nkernel-tools-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm\nkernel-tools-libs-3.10.0-693.60.1.el7.x86_64.rpm\nperf-3.10.0-693.60.1.el7.x86_64.rpm\nperf-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm\npython-perf-3.10.0-693.60.1.el7.x86_64.rpm\npython-perf-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm\n\nRed Hat Enterprise Linux Server Optional AUS (v. 7.4):\n\nx86_64:\nkernel-debug-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm\nkernel-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm\nkernel-debuginfo-common-x86_64-3.10.0-693.60.1.el7.x86_64.rpm\nkernel-tools-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm\nkernel-tools-libs-devel-3.10.0-693.60.1.el7.x86_64.rpm\nperf-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm\npython-perf-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm\n\nRed Hat Enterprise Linux Server Optional E4S (v. 7.4):\n\nppc64le:\nkernel-debug-debuginfo-3.10.0-693.60.1.el7.ppc64le.rpm\nkernel-debug-devel-3.10.0-693.60.1.el7.ppc64le.rpm\nkernel-debuginfo-3.10.0-693.60.1.el7.ppc64le.rpm\nkernel-debuginfo-common-ppc64le-3.10.0-693.60.1.el7.ppc64le.rpm\nkernel-tools-debuginfo-3.10.0-693.60.1.el7.ppc64le.rpm\nkernel-tools-libs-devel-3.10.0-693.60.1.el7.ppc64le.rpm\nperf-debuginfo-3.10.0-693.60.1.el7.ppc64le.rpm\npython-perf-debuginfo-3.10.0-693.60.1.el7.ppc64le.rpm\n\nx86_64:\nkernel-debug-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm\nkernel-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm\nkernel-debuginfo-common-x86_64-3.10.0-693.60.1.el7.x86_64.rpm\nkernel-tools-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm\nkernel-tools-libs-devel-3.10.0-693.60.1.el7.x86_64.rpm\nperf-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm\npython-perf-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm\n\nRed Hat Enterprise Linux Server Optional TUS (v. 7.4):\n\nx86_64:\nkernel-debug-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm\nkernel-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm\nkernel-debuginfo-common-x86_64-3.10.0-693.60.1.el7.x86_64.rpm\nkernel-tools-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm\nkernel-tools-libs-devel-3.10.0-693.60.1.el7.x86_64.rpm\nperf-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm\npython-perf-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/\n\n7. References:\n\nhttps://access.redhat.com/security/cve/CVE-2019-9506\nhttps://access.redhat.com/security/updates/classification/#important\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2019 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1\n\niQIVAwUBXbAXitzjgjWX9erEAQh25A/9FrjeF3eVkgGwc/RvTRPF/Qqb44x+l61E\nKceVqzr3avw9TDoiCA8e35ZYwNBvpN6YW/VDiI0vSyj2nQp57xFK48ybhUvXGUKL\nA2dXn793a3ZBKIp4wVVQKyjBsAI31MT/AZDKrzlugszWlV25u/mc2tC4Yndbe+8e\nLbwf2VvKdvtlH26Cadv1UN9YsnmtQuNdGp9NrRbttTCW9rMmHtkoQ/yT4rcS/7Fl\n1tu2j2Yoi0GEG9wXWda7cbpd2jLCcpjwIYnrjRNOuMNVSugRKRcAY1rMwpL5dVpA\nrx2bi3X3HhCpGTgZSJbl9fz2f1J71o9WoUSybaT36Uc50iOs7anoHc82XPGFvkak\nxg+mkIVNkwGxW9pkum8tZANjhDwyGJl0bpS98zkzpNiBqdrGdN4V9qMmhqmEa/lT\nlQ7haJR1rqboIzS5uSpTL/a79blwDjnMNsZ3D+c6xFfjsq8yu1zGfDWBbMdoc1Zo\n3CNT4+pdBr5ASdlE7R3G+8Zx77WSK2MLxRnzzHBF6KphF4LOOUJmefpZ0KQRGkN8\nzOKjvsynVKSzqt++WJrij+U74KL65PZokF8kKSc0yDhgYRaeqK6QIwe+Dbn/YUsn\nRNBi1ZoILHB9nMxbT5OlEVf/0EJl7oD1zINT0n7S8b86gRnfHdMLlvZ1Kcfjs0Sy\nVdo262+aA6k=\n=FkCN\n-----END PGP SIGNATURE-----\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2019-9506"
},
{
"db": "CERT/CC",
"id": "VU#918987"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-007618"
},
{
"db": "VULHUB",
"id": "VHN-160941"
},
{
"db": "VULMON",
"id": "CVE-2019-9506"
},
{
"db": "PACKETSTORM",
"id": "156058"
},
{
"db": "PACKETSTORM",
"id": "155121"
},
{
"db": "PACKETSTORM",
"id": "157216"
},
{
"db": "PACKETSTORM",
"id": "155017"
},
{
"db": "PACKETSTORM",
"id": "155004"
},
{
"db": "PACKETSTORM",
"id": "154054"
},
{
"db": "PACKETSTORM",
"id": "154879"
},
{
"db": "PACKETSTORM",
"id": "154936"
},
{
"db": "PACKETSTORM",
"id": "154949"
}
],
"trust": 3.33
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2019-9506",
"trust": 3.5
},
{
"db": "CERT/CC",
"id": "VU#918987",
"trust": 3.4
},
{
"db": "PACKETSTORM",
"id": "157216",
"trust": 0.8
},
{
"db": "JVN",
"id": "JVNVU90240762",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2019-007618",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201908-864",
"trust": 0.7
},
{
"db": "PACKETSTORM",
"id": "156058",
"trust": 0.7
},
{
"db": "AUSCERT",
"id": "ESB-2020.0141",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2020.1366",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2020.1189",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2020.1366.2",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2019.4346",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2019.4346.2",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2019.4676",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2020.0262",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2019.3115",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2019.4252",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2020.1338",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2019.4584",
"trust": 0.6
},
{
"db": "LENOVO",
"id": "LEN-27173",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "155017",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "154949",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "154936",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "155004",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-160941",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2019-9506",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "155121",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "154054",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "154879",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#918987"
},
{
"db": "VULHUB",
"id": "VHN-160941"
},
{
"db": "VULMON",
"id": "CVE-2019-9506"
},
{
"db": "PACKETSTORM",
"id": "156058"
},
{
"db": "PACKETSTORM",
"id": "155121"
},
{
"db": "PACKETSTORM",
"id": "157216"
},
{
"db": "PACKETSTORM",
"id": "155017"
},
{
"db": "PACKETSTORM",
"id": "155004"
},
{
"db": "PACKETSTORM",
"id": "154054"
},
{
"db": "PACKETSTORM",
"id": "154879"
},
{
"db": "PACKETSTORM",
"id": "154936"
},
{
"db": "PACKETSTORM",
"id": "154949"
},
{
"db": "CNNVD",
"id": "CNNVD-201908-864"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-007618"
},
{
"db": "NVD",
"id": "CVE-2019-9506"
}
]
},
"id": "VAR-201908-1958",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-160941"
}
],
"trust": 0.6336539924999999
},
"last_update_date": "2025-12-22T22:47:45.218000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Key Negotiation of Bluetooth",
"trust": 0.8,
"url": "https://www.bluetooth.com/security/statement-key-negotiation-of-bluetooth/"
},
{
"title": "The building blocks of all Bluetooth devices",
"trust": 0.8,
"url": "https://www.bluetooth.com/specifications/"
},
{
"title": "Keep up to date with Errata",
"trust": 0.8,
"url": "https://www.bluetooth.com/specifications/errata/"
},
{
"title": "Bluetooth Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=96553"
},
{
"title": "The Register",
"trust": 0.2,
"url": "https://www.theregister.co.uk/2019/08/22/cisco_patch_bundle/"
},
{
"title": "Red Hat: Important: kernel security and bug fix update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20193187 - Security Advisory"
},
{
"title": "Red Hat: Important: kpatch-patch security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20193231 - Security Advisory"
},
{
"title": "Red Hat: Important: kernel security and bug fix update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20192975 - Security Advisory"
},
{
"title": "Red Hat: Important: kernel-rt security and bug fix update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20193165 - Security Advisory"
},
{
"title": "Red Hat: Important: kernel security and bug fix update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20193218 - Security Advisory"
},
{
"title": "Red Hat: Important: kernel security and bug fix update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20201460 - Security Advisory"
},
{
"title": "Red Hat: Important: kernel security and bug fix update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20193220 - Security Advisory"
},
{
"title": "Red Hat: Important: kernel-rt security and bug fix update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20193089 - Security Advisory"
},
{
"title": "Red Hat: Important: kernel security and bug fix update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20193055 - Security Advisory"
},
{
"title": "Red Hat: Important: kernel-alt security and bug fix update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20193217 - Security Advisory"
},
{
"title": "Red Hat: Important: kpatch-patch security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20193076 - Security Advisory"
},
{
"title": "Red Hat: CVE-2019-9506",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database\u0026qid=CVE-2019-9506"
},
{
"title": "Cisco: Key Negotiation of Bluetooth Vulnerability",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts\u0026qid=cisco-sa-20190813-bluetooth"
},
{
"title": "HP: HPSBPI03634 rev. 1 - HP OfficeJet Mobile and Sprocket Printers KNOB Vulnerability",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=hp_bulletin\u0026qid=HPSBPI03634"
},
{
"title": "Red Hat: Important: kernel security and bug fix update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20200204 - Security Advisory"
},
{
"title": "HP: SUPPORT COMMUNICATION- SECURITY BULLETIN\nHPSBPI03634 rev. 1 - HP OfficeJet Mobile and Sprocket Printers KNOB Vulnerability",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=hp_bulletin\u0026qid=814c3d5b0bc03fc1c34e62dbc5cf6bf7"
},
{
"title": "HP: SUPPORT COMMUNICATION- SECURITY BULLETIN\nHPSBPI03634 rev. 1 - HP OfficeJet Mobile and Sprocket Printers KNOB Vulnerability",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=hp_bulletin\u0026qid=20bba81176880ee641f9d46354adc125"
},
{
"title": "Red Hat: Important: kernel security, bug fix, and enhancement update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20193517 - Security Advisory"
},
{
"title": "Huawei Security Advisories: Security Advisory - Key Negotiation of Bluetooth (KNOB) Vulnerability",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=huawei_security_advisories\u0026qid=4da976eef66883f5331725800e5cf063"
},
{
"title": "Red Hat: Important: kernel-rt security and bug fix update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20193309 - Security Advisory"
},
{
"title": "Ubuntu Security Notice: linux, linux-aws, linux-azure, linux-gcp, linux-gke-5.0, linux-hwe, linux-kvm, linux-raspi2, linux-snapdragon vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-4147-1"
},
{
"title": "Fortinet Security Advisories: CVE-2019-9506 Encryption Key Negotiation of Bluetooth Vulnerability",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=fortinet_security_advisories\u0026qid=FG-IR-19-224"
},
{
"title": "Ubuntu Security Notice: linux, linux-aws, linux-aws-hwe, linux-azure, linux-gcp, linux-gke-4.15, linux-hwe, linux-kvm, linux-oracle, linux-raspi2 regression",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-4115-2"
},
{
"title": "Ubuntu Security Notice: linux, linux-azure, linux-gcp, linux-gke-4.15, linux-hwe, linux-kvm, linux-oracle, linux-raspi2 vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-4115-1"
},
{
"title": "Ubuntu Security Notice: linux-aws vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-4118-1"
},
{
"title": "knob",
"trust": 0.1,
"url": "https://github.com/francozappa/knob "
},
{
"title": "bluetooth-KNOB",
"trust": 0.1,
"url": "https://github.com/u10427687/bluetooth-KNOB "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/makaubenson/Fix-BT-Ubuntu "
},
{
"title": "broadcom-bt-firmware",
"trust": 0.1,
"url": "https://github.com/winterheart/broadcom-bt-firmware "
},
{
"title": "broadcom-bt-firmware",
"trust": 0.1,
"url": "https://github.com/AlexandrBing/broadcom-bt-firmware "
},
{
"title": "Protocol-Vul",
"trust": 0.1,
"url": "https://github.com/WinMin/Protocol-Vul "
},
{
"title": "awesome-bluetooth-security",
"trust": 0.1,
"url": "https://github.com/engn33r/awesome-bluetooth-security "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/JeffroMF/awesome-bluetooth-security321 "
},
{
"title": "PoC-in-GitHub",
"trust": 0.1,
"url": "https://github.com/developer3000S/PoC-in-GitHub "
},
{
"title": "CVE-POC",
"trust": 0.1,
"url": "https://github.com/0xT11/CVE-POC "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/vincent-deng/veracode-container-security-finding-parser "
},
{
"title": "PoC-in-GitHub",
"trust": 0.1,
"url": "https://github.com/hectorgie/PoC-in-GitHub "
},
{
"title": "PoC-in-GitHub",
"trust": 0.1,
"url": "https://github.com/nomi-sec/PoC-in-GitHub "
},
{
"title": "Symantec Threat Intelligence Blog",
"trust": 0.1,
"url": "https://www.symantec.com/blogs/threat-intelligence/microsoft-patch-tuesday-august-2019"
},
{
"title": "Threatpost",
"trust": 0.1,
"url": "https://threatpost.com/cisco-patches-six-critical-bugs/147585/"
},
{
"title": "Threatpost",
"trust": 0.1,
"url": "https://threatpost.com/lenovo-warns-bugs-thinkpads/147338/"
},
{
"title": "Threatpost",
"trust": 0.1,
"url": "https://threatpost.com/wormable-remote-desktop-bugs-august-patch-tuesday/147302/"
},
{
"title": "BleepingComputer",
"trust": 0.1,
"url": "https://www.bleepingcomputer.com/news/security/new-bluetooth-knob-flaw-lets-attackers-manipulate-traffic/"
},
{
"title": "BleepingComputer",
"trust": 0.1,
"url": "https://www.bleepingcomputer.com/news/security/new-bluetooth-knob-flaw-lets-attackers-manipulate-connections/"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2019-9506"
},
{
"db": "CNNVD",
"id": "CNNVD-201908-864"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-007618"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-310",
"trust": 1.1
},
{
"problemtype": "CWE-327",
"trust": 1.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-160941"
},
{
"db": "NVD",
"id": "CVE-2019-9506"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.6,
"url": "https://www.kb.cert.org/vuls/id/918987/"
},
{
"trust": 2.6,
"url": "https://www.usenix.org/conference/usenixsecurity19/presentation/antonioli"
},
{
"trust": 2.5,
"url": "https://access.redhat.com/errata/rhsa-2020:0204"
},
{
"trust": 2.0,
"url": "https://access.redhat.com/errata/rhsa-2019:3187"
},
{
"trust": 1.9,
"url": "https://access.redhat.com/errata/rhsa-2019:3089"
},
{
"trust": 1.9,
"url": "https://access.redhat.com/errata/rhsa-2019:3165"
},
{
"trust": 1.9,
"url": "https://access.redhat.com/errata/rhsa-2019:3218"
},
{
"trust": 1.9,
"url": "https://access.redhat.com/errata/rhsa-2019:3231"
},
{
"trust": 1.9,
"url": "https://access.redhat.com/errata/rhsa-2019:3309"
},
{
"trust": 1.8,
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190828-01-knob-en"
},
{
"trust": 1.8,
"url": "https://www.bluetooth.com/security/statement-key-negotiation-of-bluetooth/"
},
{
"trust": 1.8,
"url": "http://seclists.org/fulldisclosure/2019/aug/11"
},
{
"trust": 1.8,
"url": "http://seclists.org/fulldisclosure/2019/aug/13"
},
{
"trust": 1.8,
"url": "http://seclists.org/fulldisclosure/2019/aug/14"
},
{
"trust": 1.8,
"url": "http://seclists.org/fulldisclosure/2019/aug/15"
},
{
"trust": 1.8,
"url": "http://www.cs.ox.ac.uk/publications/publication12404-abstract.html"
},
{
"trust": 1.8,
"url": "https://lists.debian.org/debian-lts-announce/2019/09/msg00014.html"
},
{
"trust": 1.8,
"url": "https://lists.debian.org/debian-lts-announce/2019/09/msg00015.html"
},
{
"trust": 1.8,
"url": "https://lists.debian.org/debian-lts-announce/2019/09/msg00025.html"
},
{
"trust": 1.8,
"url": "https://access.redhat.com/errata/rhsa-2019:2975"
},
{
"trust": 1.8,
"url": "https://access.redhat.com/errata/rhsa-2019:3055"
},
{
"trust": 1.8,
"url": "https://access.redhat.com/errata/rhsa-2019:3076"
},
{
"trust": 1.8,
"url": "https://access.redhat.com/errata/rhsa-2019:3217"
},
{
"trust": 1.8,
"url": "https://access.redhat.com/errata/rhsa-2019:3220"
},
{
"trust": 1.8,
"url": "https://access.redhat.com/errata/rhsa-2019:3517"
},
{
"trust": 1.8,
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00037.html"
},
{
"trust": 1.8,
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00036.html"
},
{
"trust": 1.8,
"url": "https://usn.ubuntu.com/4115-1/"
},
{
"trust": 1.8,
"url": "https://usn.ubuntu.com/4118-1/"
},
{
"trust": 1.8,
"url": "https://usn.ubuntu.com/4147-1/"
},
{
"trust": 1.6,
"url": "https://www.bluetooth.com/security/statement-key-negotiation-of-bluetooth"
},
{
"trust": 1.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-9506"
},
{
"trust": 0.9,
"url": "https://github.com/francozappa/knob"
},
{
"trust": 0.8,
"url": "https://www.bluetooth.com/specifications/adopted-specifications"
},
{
"trust": 0.8,
"url": "https://www.usenix.org/system/files/sec19-antonioli.pdf"
},
{
"trust": 0.8,
"url": "https://www.icasi.org/br-edr-encryption-key-bluetooth-vulnerability/"
},
{
"trust": 0.8,
"url": "http://support.blackberry.com/kb/articledetail?articlenumber=000057251"
},
{
"trust": 0.8,
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"trust": 0.8,
"url": "https://access.redhat.com/articles/11258"
},
{
"trust": 0.8,
"url": "https://access.redhat.com/security/team/contact/"
},
{
"trust": 0.8,
"url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
},
{
"trust": 0.8,
"url": "https://bugzilla.redhat.com/):"
},
{
"trust": 0.8,
"url": "https://access.redhat.com/security/cve/cve-2019-9506"
},
{
"trust": 0.8,
"url": "https://access.redhat.com/security/team/key/"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-9506"
},
{
"trust": 0.8,
"url": "https://jvn.jp/vu/jvnvu90240762/"
},
{
"trust": 0.7,
"url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20190813-bluetooth"
},
{
"trust": 0.6,
"url": "https://www.suse.com/support/update/announcement/2019/suse-su-20193294-1.html"
},
{
"trust": 0.6,
"url": "https://www.suse.com/support/update/announcement/2019/suse-su-20193295-1.html"
},
{
"trust": 0.6,
"url": "https://www.suse.com/support/update/announcement/2019/suse-su-20192984-1.html"
},
{
"trust": 0.6,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00237.html"
},
{
"trust": 0.6,
"url": "https://www.suse.com/support/update/announcement/2019/suse-su-20193200-1.html"
},
{
"trust": 0.6,
"url": "https://www.suse.com/support/update/announcement/2019/suse-su-20192953-1.html"
},
{
"trust": 0.6,
"url": "https://www.suse.com/support/update/announcement/2019/suse-su-20192952-1.html"
},
{
"trust": 0.6,
"url": "https://www.suse.com/support/update/announcement/2019/suse-su-20192951-1.html"
},
{
"trust": 0.6,
"url": "https://www.suse.com/support/update/announcement/2019/suse-su-20192950-1.html"
},
{
"trust": 0.6,
"url": "https://www.suse.com/support/update/announcement/2019/suse-su-20192949-1.html"
},
{
"trust": 0.6,
"url": "https://www.suse.com/support/update/announcement/2019/suse-su-20192948-1.html"
},
{
"trust": 0.6,
"url": "https://www.suse.com/support/update/announcement/2019/suse-su-20192947-1.html"
},
{
"trust": 0.6,
"url": "https://www.suse.com/support/update/announcement/2019/suse-su-20192946-1.html"
},
{
"trust": 0.6,
"url": "https://www.suse.com/support/update/announcement/2020/suse-su-20200093-1.html"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/157216/red-hat-security-advisory-2020-1460-01.html"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2020.1338/"
},
{
"trust": 0.6,
"url": "https://portal.msrc.microsoft.com/zh-cn/security-guidance/advisory/cve-2019-9506"
},
{
"trust": 0.6,
"url": "https://support.lenovo.com/us/en/product_security/len-27173"
},
{
"trust": 0.6,
"url": "https://support.apple.com/en-us/ht210353"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2019.4676/"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2019.4346/"
},
{
"trust": 0.6,
"url": "https://support.apple.com/en-us/ht210346"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2019.4252/"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2019.4584/"
},
{
"trust": 0.6,
"url": "https://www.huawei.com/cn/psirt/security-advisories/huawei-sa-20190828-01-knob-cn"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2020.0141/"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2020.0262/"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/156058/red-hat-security-advisory-2020-0204-01.html"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2019.3115/"
},
{
"trust": 0.6,
"url": "https://vigilance.fr/vulnerability/bluetooth-br-edr-information-disclosure-via-key-negotiation-30041"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2019.4346.2/"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2020.1189/"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2020.1366/"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2020.1366.2/"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-10126"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2019-10126"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-5489"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2018-16884"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2019-14821"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-14821"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2019-5489"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-3900"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-16884"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2019-3900"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/327.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://www.kb.cert.org/vuls/id/918987"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-0154"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-0154"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-12207"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-11135"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-0155"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-0155"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-14901"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-14816"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-14901"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/vulnerabilities/ifu-page-mce"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2018-12207"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-14816"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-11135"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-11884"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-11884"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-3459"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-7222"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-3874"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-10207"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2018-19985"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-13233"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-19854"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-10207"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-3882"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-11599"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-3874"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-13233"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-11599"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-20169"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2018-20169"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-15916"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-3460"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-3460"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-10638"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-7222"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-19985"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-11833"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2018-19854"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-10638"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-15916"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-3882"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.1_release_notes/"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-11833"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-3459"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2020:1460"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-8691"
},
{
"trust": 0.1,
"url": "https://support.apple.com/kb/ht201222"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-16860"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-8695"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-8692"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-8646"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-8694"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-13118"
},
{
"trust": 0.1,
"url": "https://support.apple.com/downloads/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-8693"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-8663"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-8656"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-8648"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-8641"
},
{
"trust": 0.1,
"url": "https://www.apple.com/support/security/pgp/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-8660"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-8657"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-8667"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-19860"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-8697"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-8662"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-8661"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-3846"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-20856"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-3846"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2018-20856"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#918987"
},
{
"db": "VULHUB",
"id": "VHN-160941"
},
{
"db": "VULMON",
"id": "CVE-2019-9506"
},
{
"db": "PACKETSTORM",
"id": "156058"
},
{
"db": "PACKETSTORM",
"id": "155121"
},
{
"db": "PACKETSTORM",
"id": "157216"
},
{
"db": "PACKETSTORM",
"id": "155017"
},
{
"db": "PACKETSTORM",
"id": "155004"
},
{
"db": "PACKETSTORM",
"id": "154054"
},
{
"db": "PACKETSTORM",
"id": "154879"
},
{
"db": "PACKETSTORM",
"id": "154936"
},
{
"db": "PACKETSTORM",
"id": "154949"
},
{
"db": "CNNVD",
"id": "CNNVD-201908-864"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-007618"
},
{
"db": "NVD",
"id": "CVE-2019-9506"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#918987"
},
{
"db": "VULHUB",
"id": "VHN-160941"
},
{
"db": "VULMON",
"id": "CVE-2019-9506"
},
{
"db": "PACKETSTORM",
"id": "156058"
},
{
"db": "PACKETSTORM",
"id": "155121"
},
{
"db": "PACKETSTORM",
"id": "157216"
},
{
"db": "PACKETSTORM",
"id": "155017"
},
{
"db": "PACKETSTORM",
"id": "155004"
},
{
"db": "PACKETSTORM",
"id": "154054"
},
{
"db": "PACKETSTORM",
"id": "154879"
},
{
"db": "PACKETSTORM",
"id": "154936"
},
{
"db": "PACKETSTORM",
"id": "154949"
},
{
"db": "CNNVD",
"id": "CNNVD-201908-864"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-007618"
},
{
"db": "NVD",
"id": "CVE-2019-9506"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-08-14T00:00:00",
"db": "CERT/CC",
"id": "VU#918987"
},
{
"date": "2019-08-14T00:00:00",
"db": "VULHUB",
"id": "VHN-160941"
},
{
"date": "2019-08-14T00:00:00",
"db": "VULMON",
"id": "CVE-2019-9506"
},
{
"date": "2020-01-23T00:26:55",
"db": "PACKETSTORM",
"id": "156058"
},
{
"date": "2019-11-06T15:33:55",
"db": "PACKETSTORM",
"id": "155121"
},
{
"date": "2020-04-14T15:40:41",
"db": "PACKETSTORM",
"id": "157216"
},
{
"date": "2019-10-29T14:59:12",
"db": "PACKETSTORM",
"id": "155017"
},
{
"date": "2019-10-29T14:48:28",
"db": "PACKETSTORM",
"id": "155004"
},
{
"date": "2019-08-14T18:32:22",
"db": "PACKETSTORM",
"id": "154054"
},
{
"date": "2019-10-16T15:06:37",
"db": "PACKETSTORM",
"id": "154879"
},
{
"date": "2019-10-22T17:27:00",
"db": "PACKETSTORM",
"id": "154936"
},
{
"date": "2019-10-23T18:29:02",
"db": "PACKETSTORM",
"id": "154949"
},
{
"date": "2019-08-13T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201908-864"
},
{
"date": "2019-08-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-007618"
},
{
"date": "2019-08-14T17:15:11.597000",
"db": "NVD",
"id": "CVE-2019-9506"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-05-15T00:00:00",
"db": "CERT/CC",
"id": "VU#918987"
},
{
"date": "2021-11-04T00:00:00",
"db": "VULHUB",
"id": "VHN-160941"
},
{
"date": "2021-11-04T00:00:00",
"db": "VULMON",
"id": "CVE-2019-9506"
},
{
"date": "2021-11-05T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201908-864"
},
{
"date": "2019-08-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-007618"
},
{
"date": "2024-11-21T04:51:45.113000",
"db": "NVD",
"id": "CVE-2019-9506"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote or local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201908-864"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Bluetooth BR/EDR supported devices are vulnerable to key negotiation attacks",
"sources": [
{
"db": "CERT/CC",
"id": "VU#918987"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "encryption problem",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201908-864"
}
],
"trust": 0.6
}
}
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.